German experts see Russian link in deadly hospital cyber attack
German authorities probing a cyber attack on a hospital's IT system that led to a fatal delay in treatment for a critically
ill woman believe the software used can be traced back to Russian hackers.
In an update to lawmakers published on Tuesday, prosecutors wrote that hackers used malware known as "Doppelpaymer" to disable computers at Düsseldorf University Hospital on September 10th, aiming to encrypt data and then demand payment to unlock it again.
The same ransomware has been used in cyber attacks around the world carried out "by a group of hackers that, according to private security firms, is based in Russia", the report said.
The attack saw the hospital's computer system become disconnected from the ambulance network.
A severely ill woman was therefore admitted to a hospital further away in Wuppertal and died shortly afterwards.
READ ALSO: Manslaughter probe as patient dies after Düsseldorf hospital hacking attack
The longer distance that the ambulance had to travel led to an hour's delay before medical staff were able to treat her.
Cologne prosecutors last week opened an investigation into involuntary manslaughter against unknown suspects over the woman's death.
If charges are brought, it would be a rare case of a hacking with deadly consequences.
Investigators suspect that the hackers had not meant to hit the hospital, with the actual target thought to have been the affiliated Heinrich Heine University in Düsseldorf.
Local police were able to contact the hackers during the attack to tell them patients' lives were at risk, prompting the hackers to hand over a decryption key before breaking off communication.
Germany has seen several hacker attacks on research and higher education institutions in recent months, including the University of Giessen, the University of Cologne and the Ruhr University Bochum.
The German government has in recent years blamed Russia for several high-profile attempts by hackers to spy on lawmakers or leading politicians, including Chancellor Angela Merkel.
Comments
See Also
In an update to lawmakers published on Tuesday, prosecutors wrote that hackers used malware known as "Doppelpaymer" to disable computers at Düsseldorf University Hospital on September 10th, aiming to encrypt data and then demand payment to unlock it again.
The same ransomware has been used in cyber attacks around the world carried out "by a group of hackers that, according to private security firms, is based in Russia", the report said.
The attack saw the hospital's computer system become disconnected from the ambulance network.
A severely ill woman was therefore admitted to a hospital further away in Wuppertal and died shortly afterwards.
READ ALSO: Manslaughter probe as patient dies after Düsseldorf hospital hacking attack
The longer distance that the ambulance had to travel led to an hour's delay before medical staff were able to treat her.
Cologne prosecutors last week opened an investigation into involuntary manslaughter against unknown suspects over the woman's death.
If charges are brought, it would be a rare case of a hacking with deadly consequences.
Investigators suspect that the hackers had not meant to hit the hospital, with the actual target thought to have been the affiliated Heinrich Heine University in Düsseldorf.
Local police were able to contact the hackers during the attack to tell them patients' lives were at risk, prompting the hackers to hand over a decryption key before breaking off communication.
Germany has seen several hacker attacks on research and higher education institutions in recent months, including the University of Giessen, the University of Cologne and the Ruhr University Bochum.
The German government has in recent years blamed Russia for several high-profile attempts by hackers to spy on lawmakers or leading politicians, including Chancellor Angela Merkel.
Join the conversation in our comments section below. Share your own views and experience and if you have a question or suggestion for our journalists then email us at [email protected].
Please keep comments civil, constructive and on topic – and make sure to read our terms of use before getting involved.
Please log in here to leave a comment.